USN-8018-3
- Source
- https://ubuntu.com/security/notices/USN-8018-3
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-3.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-8018-3
- Upstream
- Related
- Published
- 2026-03-19T05:20:43Z
- Modified
- 2026-03-24T12:14:34.726336Z
- Summary
- python2.7 vulnerabilities
- Details
-
USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7.
Original advisory details:
Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this issue to inject arbitrary headers into email messages. This issue only affected python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, and python3.14 packages. (CVE-2025-11468)
Jacob Walls, Shai Berger, and Natalia Bidart discovered that Python inefficiently parsed XML input with quadratic complexity. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-12084)
It was discovered that Python incorrectly parsed malicious plist files. An attacker could possibly use this issue to cause Python to use excessive resources, leading to a denial of service. This issue only affected python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, and python3.14 packages. (CVE-2025-13837)
Omar Hasan discovered that Python incorrectly parsed URL mediatypes. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2025-15282)
Omar Hasan discovered that Python incorrectly parsed malicious IMAP inputs. An attacker could possibly use this issue to inject arbitrary IMAP commands. (CVE-2025-15366)
Omar Hasan discovered that Python incorrectly parsed malicious POP3 inputs. An attacker could possibly use this issue to inject arbitrary POP3 commands. (CVE-2025-15367)
Omar Hasan discovered that Python incorrectly parsed malicious HTTP cookie headers. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2026-0672)
Omar Hasan discovered that Python incorrectly parsed malicious HTTP header names and values. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2026-0865)
- References
Affected packages
Ubuntu:Pro:14.04:LTS / python2.7
Package
- Name
- python2.7
- Purl
- pkg:deb/ubuntu/python2.7@2.7.6-8ubuntu0.6+esm29?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.7.6-8ubuntu0.6+esm29
Affected versions
2.*
2.7.5-8ubuntu3
2.7.5-8ubuntu4
2.7.6-2
2.7.6-2ubuntu1
2.7.6-3
2.7.6-3ubuntu1
2.7.6-4
2.7.6-4ubuntu1
2.7.6-5
2.7.6-7
2.7.6-8
2.7.6-8ubuntu0.2
2.7.6-8ubuntu0.3
2.7.6-8ubuntu0.4
2.7.6-8ubuntu0.5
2.7.6-8ubuntu0.6+esm2
2.7.6-8ubuntu0.6+esm3
2.7.6-8ubuntu0.6+esm5
2.7.6-8ubuntu0.6+esm6
2.7.6-8ubuntu0.6+esm7
2.7.6-8ubuntu0.6+esm8
2.7.6-8ubuntu0.6+esm9
2.7.6-8ubuntu0.6+esm10
2.7.6-8ubuntu0.6+esm11
2.7.6-8ubuntu0.6+esm12
2.7.6-8ubuntu0.6+esm13
2.7.6-8ubuntu0.6+esm14
2.7.6-8ubuntu0.6+esm15
2.7.6-8ubuntu0.6+esm16
2.7.6-8ubuntu0.6+esm17
2.7.6-8ubuntu0.6+esm18
2.7.6-8ubuntu0.6+esm20
2.7.6-8ubuntu0.6+esm21
2.7.6-8ubuntu0.6+esm22
2.7.6-8ubuntu0.6+esm24
2.7.6-8ubuntu0.6+esm25
2.7.6-8ubuntu0.6+esm26
2.7.6-8ubuntu0.6+esm28
Ecosystem specific
{
"binaries": [
{
"binary_name": "idle-python2.7",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "libpython2.7",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "libpython2.7-dev",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "libpython2.7-minimal",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "libpython2.7-stdlib",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "libpython2.7-testsuite",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "python2.7",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "python2.7-dev",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "python2.7-examples",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
},
{
"binary_name": "python2.7-minimal",
"binary_version": "2.7.6-8ubuntu0.6+esm29"
}
],
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro"
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-12084",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-15282",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0672",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:14.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-3.json"
Ubuntu:Pro:16.04:LTS / python2.7
Package
- Name
- python2.7
- Purl
- pkg:deb/ubuntu/python2.7@2.7.12-1ubuntu0~16.04.18+esm19?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.7.12-1ubuntu0~16.04.18+esm19
Affected versions
2.*
2.7.10-4ubuntu1
2.7.10-4ubuntu2
2.7.11-2
2.7.11-3
2.7.11-4
2.7.11-6
2.7.11-7
2.7.11-7ubuntu1
2.7.12-1~16.04
2.7.12-1ubuntu0~16.04.1
2.7.12-1ubuntu0~16.04.2
2.7.12-1ubuntu0~16.04.3
2.7.12-1ubuntu0~16.04.4
2.7.12-1ubuntu0~16.04.8
2.7.12-1ubuntu0~16.04.9
2.7.12-1ubuntu0~16.04.11
2.7.12-1ubuntu0~16.04.12
2.7.12-1ubuntu0~16.04.13
2.7.12-1ubuntu0~16.04.14
2.7.12-1ubuntu0~16.04.16
2.7.12-1ubuntu0~16.04.18
2.7.12-1ubuntu0~16.04.18+esm1
2.7.12-1ubuntu0~16.04.18+esm2
2.7.12-1ubuntu0~16.04.18+esm3
2.7.12-1ubuntu0~16.04.18+esm4
2.7.12-1ubuntu0~16.04.18+esm5
2.7.12-1ubuntu0~16.04.18+esm6
2.7.12-1ubuntu0~16.04.18+esm7
2.7.12-1ubuntu0~16.04.18+esm8
2.7.12-1ubuntu0~16.04.18+esm9
2.7.12-1ubuntu0~16.04.18+esm10
2.7.12-1ubuntu0~16.04.18+esm11
2.7.12-1ubuntu0~16.04.18+esm12
2.7.12-1ubuntu0~16.04.18+esm13
2.7.12-1ubuntu0~16.04.18+esm15
2.7.12-1ubuntu0~16.04.18+esm16
2.7.12-1ubuntu0~16.04.18+esm17
2.7.12-1ubuntu0~16.04.18+esm18
Ecosystem specific
{
"binaries": [
{
"binary_name": "idle-python2.7",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "libpython2.7",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "libpython2.7-dev",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "libpython2.7-minimal",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "libpython2.7-stdlib",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "libpython2.7-testsuite",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "python2.7",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "python2.7-dev",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "python2.7-examples",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
},
{
"binary_name": "python2.7-minimal",
"binary_version": "2.7.12-1ubuntu0~16.04.18+esm19"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-12084",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-15282",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0672",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:16.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-3.json"
Ubuntu:Pro:18.04:LTS / python2.7
Package
- Name
- python2.7
- Purl
- pkg:deb/ubuntu/python2.7@2.7.17-1~18.04ubuntu1.13+esm14?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.7.17-1~18.04ubuntu1.13+esm14
Affected versions
2.*
2.7.14-2ubuntu2
2.7.14-4
2.7.14-6
2.7.14-7
2.7.14-8
2.7.15~rc1-1
2.7.15~rc1-1ubuntu0.1
2.7.15-4ubuntu4~18.04
2.7.15-4ubuntu4~18.04.1
2.7.15-4ubuntu4~18.04.2
2.7.17-1~18.04
2.7.17-1~18.04ubuntu1
2.7.17-1~18.04ubuntu1.1
2.7.17-1~18.04ubuntu1.2
2.7.17-1~18.04ubuntu1.3
2.7.17-1~18.04ubuntu1.5
2.7.17-1~18.04ubuntu1.6
2.7.17-1~18.04ubuntu1.7
2.7.17-1~18.04ubuntu1.8
2.7.17-1~18.04ubuntu1.10
2.7.17-1~18.04ubuntu1.11
2.7.17-1~18.04ubuntu1.13
2.7.17-1~18.04ubuntu1.13+esm1
2.7.17-1~18.04ubuntu1.13+esm2
2.7.17-1~18.04ubuntu1.13+esm3
2.7.17-1~18.04ubuntu1.13+esm4
2.7.17-1~18.04ubuntu1.13+esm5
2.7.17-1~18.04ubuntu1.13+esm6
2.7.17-1~18.04ubuntu1.13+esm7
2.7.17-1~18.04ubuntu1.13+esm8
2.7.17-1~18.04ubuntu1.13+esm10
2.7.17-1~18.04ubuntu1.13+esm11
2.7.17-1~18.04ubuntu1.13+esm12
2.7.17-1~18.04ubuntu1.13+esm13
Ecosystem specific
{
"binaries": [
{
"binary_name": "idle-python2.7",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "libpython2.7",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "libpython2.7-dev",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "libpython2.7-minimal",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "libpython2.7-stdlib",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "libpython2.7-testsuite",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "python2.7",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "python2.7-dev",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "python2.7-examples",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
},
{
"binary_name": "python2.7-minimal",
"binary_version": "2.7.17-1~18.04ubuntu1.13+esm14"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-12084",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-15282",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0672",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-3.json"
Ubuntu:Pro:20.04:LTS / python2.7
Package
- Name
- python2.7
- Purl
- pkg:deb/ubuntu/python2.7@2.7.18-1~20.04.7+esm9?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.7.18-1~20.04.7+esm9
Affected versions
2.*
2.7.17~rc1-1
2.7.17-1
2.7.17-1ubuntu5
2.7.17-1ubuntu6
2.7.18~rc1-2
2.7.18-1~20.04
2.7.18-1~20.04.1
2.7.18-1~20.04.1+esm1
2.7.18-1~20.04.3
2.7.18-1~20.04.3+esm1
2.7.18-1~20.04.4
2.7.18-1~20.04.4+esm1
2.7.18-1~20.04.4+esm2
2.7.18-1~20.04.4+esm3
2.7.18-1~20.04.5
2.7.18-1~20.04.5+esm1
2.7.18-1~20.04.5+esm2
2.7.18-1~20.04.6
2.7.18-1~20.04.6+esm1
2.7.18-1~20.04.7
2.7.18-1~20.04.7+esm3
2.7.18-1~20.04.7+esm4
2.7.18-1~20.04.7+esm6
2.7.18-1~20.04.7+esm7
2.7.18-1~20.04.7+esm8
Ecosystem specific
{
"binaries": [
{
"binary_name": "idle-python2.7",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "libpython2.7",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "libpython2.7-dev",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "libpython2.7-minimal",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "libpython2.7-stdlib",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "libpython2.7-testsuite",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "python2.7",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "python2.7-dev",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "python2.7-examples",
"binary_version": "2.7.18-1~20.04.7+esm9"
},
{
"binary_name": "python2.7-minimal",
"binary_version": "2.7.18-1~20.04.7+esm9"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-12084",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-15282",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0672",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-3.json"
Ubuntu:Pro:22.04:LTS / python2.7
Package
- Name
- python2.7
- Purl
- pkg:deb/ubuntu/python2.7@2.7.18-13ubuntu1.5+esm8?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.7.18-13ubuntu1.5+esm8
Affected versions
2.*
2.7.18-8build1
2.7.18-13
2.7.18-13ubuntu1
2.7.18-13ubuntu1.1
2.7.18-13ubuntu1.1+esm2
2.7.18-13ubuntu1.2
2.7.18-13ubuntu1.2+esm1
2.7.18-13ubuntu1.2+esm2
2.7.18-13ubuntu1.2+esm3
2.7.18-13ubuntu1.3
2.7.18-13ubuntu1.3+esm1
2.7.18-13ubuntu1.4
2.7.18-13ubuntu1.4+esm1
2.7.18-13ubuntu1.5
2.7.18-13ubuntu1.5+esm2
2.7.18-13ubuntu1.5+esm3
2.7.18-13ubuntu1.5+esm5
2.7.18-13ubuntu1.5+esm6
2.7.18-13ubuntu1.5+esm7
Ecosystem specific
{
"binaries": [
{
"binary_name": "idle-python2.7",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "libpython2.7",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "libpython2.7-dev",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "libpython2.7-minimal",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "libpython2.7-stdlib",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "libpython2.7-testsuite",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "python2.7",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "python2.7-dev",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "python2.7-examples",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
},
{
"binary_name": "python2.7-minimal",
"binary_version": "2.7.18-13ubuntu1.5+esm8"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-12084",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-15282",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0672",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-3.json"